PT-2023-16939 · WordPress · W4 Post List

Erwan Lr

Publicado

2023-04-17

Atualizado

2023-04-21

CVE-2023-1373

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions W4 Post List WordPress plugin versions prior to 2.4.6

Description The issue is related to Reflected Cross-Site Scripting, where some URLs are not properly escaped before being outputted in attributes. This can lead to malicious scripts being injected into the website.

Recommendations For versions prior to 2.4.6, update to version 2.4.6 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-1373

Produtos afetados

W4 Post List

PT-2023-16939 · WordPress · W4 Post List

CVE-2023-1373

Identificadores relacionados

Produtos afetados

Referências · 6